“It is still unclear how 120,000 units of Bitcoin digital currency, worth an estimated $72 million, were stolen from the Hong-Kong based Bitfinex exchange platform during the early hours of August 3rd. Bitfinex is considered the world’s largest dollar-based exchange for bitcoin. The immediate aftermath has shown Bitcoin dropping more than 20% within hours, and the entire Bitcoin community in a state of unrest. The hack is reminiscent of the MtGox scandal, where a total of $390 million was stolen in what seems to have been a software security flaw. It’s important to make one thing clear: the breach doesn’t look great for Bitfinex, or for the general state of cybersecurity in bitcoin exchanges. However, and this is key, it has little to do with the integrity of the underlying Blockchain technology. Essentially, this theft is a sophisticated version of a bank heist. But here, instead of stealing cash, they ‘stole’ code.
In the next few days the following questions will have to be carefully considered:
First, due to the fact that Blockchain is in fact a transparent ledger of all transactions, might that serve Bitfinex and the relevant authorities in tracking down the stolen bitcoins? Perhaps easier said than done, but, as experience with Silk Road has shown, Bitcoin is certainly easier to track than cash.
Second, judging from the MtGox precedent, if the extent of the theft proves to be close to what initial reports are estimating, Bitfinex could soon find itself filing for Bankruptcy leaving its customers seeking legal remedies to recover their loss. Customers will then have to define the precise nature of their legal right: do they have property or rather contractual based claims? This is crucial in order to determine where they stand in relation to other Bitfinex creditors as well as other third parties holding bitcoins. In fact, whether or not Bitcoin is property, currency, or perhaps a different right entirely, is an issue still being debated across jurisdictions and with various legal ramifications at the heart of bitcoin trade.
Lastly, the incident is another important wake-up call to the various virtual coin service providers to enhance their cybersecurity measures and protect their clients’ assets. This begs the question what type of regulation needs to be put in place (if at all). Should the virtual currency service providers be subject to regulation similar to that imposed on banks and other financial institutions? Either way, it is high time that the regulator acknowledges the specific characteristics of virtual currencies and the relevant service providers operating in the field, and develop the appropriate mechanisms to increase consumer protection.”